2022-03-26 13:21:17 -07:00
|
|
|
#!/usr/bin/env bash
|
2020-10-29 00:46:57 +01:00
|
|
|
|
Add Dockerfile for application and documentation
This commit adds a `Dockerfile` to the root of the project, accompanied
by a `docker-compose.yml.example` for simplified deployment. The
`Dockerfile` is agnostic to whether it will be the webserver, the
consumer, or if it is run for a one-off command (i.e. creation of a
superuser, migration of the database, document export, ...).
The containers entrypoint is the `scripts/docker-entrypoint.sh` script.
This script verifies that the required permissions are set, remaps the
default users and/or groups id if required and installs additional
languages if the user wishes to.
After initialization, it analyzes the command the user supplied:
- If the command starts with a slash, it is expected that the user
wants to execute a binary file and the command will be executed
without further intervention. (Using `exec` to effectively replace
the started shell-script and not have any reaping-issues.)
- If the command does not start with a slash, the command will be
passed directly to the `manage.py` script without further
modification. (Again using `exec`.)
The default command is set to `--help`.
If the user wants to execute a command that is not meant for `manage.py`
but doesn't start with a slash, the Docker `--entrypoint` parameter can
be used to circumvent the mechanics of `docker-entrypoint.sh`.
Further information can be found in `docs/setup.rst` and in
`docs/migrating.rst`.
For additional convenience, a `Dockerfile` has been added to the `docs/`
directory which allows for easy building and serving of the
documentation. This is documented in `docs/requirements.rst`.
2016-02-17 18:45:04 +01:00
|
|
|
set -e
|
|
|
|
|
|
|
|
|
|
# Source: https://github.com/sameersbn/docker-gitlab/
|
|
|
|
|
map_uidgid() {
|
2022-10-25 09:19:07 -07:00
|
|
|
local -r usermap_original_uid=$(id -u paperless)
|
|
|
|
|
local -r usermap_original_gid=$(id -g paperless)
|
|
|
|
|
local -r usermap_new_uid=${USERMAP_UID:-$usermap_original_uid}
|
|
|
|
|
local -r usermap_new_gid=${USERMAP_GID:-${usermap_original_gid:-$usermap_new_uid}}
|
|
|
|
|
if [[ ${usermap_new_uid} != "${usermap_original_uid}" || ${usermap_new_gid} != "${usermap_original_gid}" ]]; then
|
|
|
|
|
echo "Mapping UID and GID for paperless:paperless to $usermap_new_uid:$usermap_new_gid"
|
|
|
|
|
usermod -o -u "${usermap_new_uid}" paperless
|
|
|
|
|
groupmod -o -g "${usermap_new_gid}" paperless
|
2021-05-19 22:26:51 +02:00
|
|
|
fi
|
Add Dockerfile for application and documentation
This commit adds a `Dockerfile` to the root of the project, accompanied
by a `docker-compose.yml.example` for simplified deployment. The
`Dockerfile` is agnostic to whether it will be the webserver, the
consumer, or if it is run for a one-off command (i.e. creation of a
superuser, migration of the database, document export, ...).
The containers entrypoint is the `scripts/docker-entrypoint.sh` script.
This script verifies that the required permissions are set, remaps the
default users and/or groups id if required and installs additional
languages if the user wishes to.
After initialization, it analyzes the command the user supplied:
- If the command starts with a slash, it is expected that the user
wants to execute a binary file and the command will be executed
without further intervention. (Using `exec` to effectively replace
the started shell-script and not have any reaping-issues.)
- If the command does not start with a slash, the command will be
passed directly to the `manage.py` script without further
modification. (Again using `exec`.)
The default command is set to `--help`.
If the user wants to execute a command that is not meant for `manage.py`
but doesn't start with a slash, the Docker `--entrypoint` parameter can
be used to circumvent the mechanics of `docker-entrypoint.sh`.
Further information can be found in `docs/setup.rst` and in
`docs/migrating.rst`.
For additional convenience, a `Dockerfile` has been added to the `docs/`
directory which allows for easy building and serving of the
documentation. This is documented in `docs/requirements.rst`.
2016-02-17 18:45:04 +01:00
|
|
|
}
|
|
|
|
|
|
2022-06-03 09:18:48 -07:00
|
|
|
map_folders() {
|
|
|
|
|
# Export these so they can be used in docker-prepare.sh
|
|
|
|
|
export DATA_DIR="${PAPERLESS_DATA_DIR:-/usr/src/paperless/data}"
|
|
|
|
|
export MEDIA_ROOT_DIR="${PAPERLESS_MEDIA_ROOT:-/usr/src/paperless/media}"
|
2022-09-16 07:52:33 -07:00
|
|
|
export CONSUME_DIR="${PAPERLESS_CONSUMPTION_DIR:-/usr/src/paperless/consume}"
|
2022-06-03 09:18:48 -07:00
|
|
|
}
|
|
|
|
|
|
2022-11-29 20:05:08 -08:00
|
|
|
custom_container_init() {
|
|
|
|
|
# Mostly borrowed from the LinuxServer.io base image
|
|
|
|
|
# https://github.com/linuxserver/docker-baseimage-ubuntu/tree/bionic/root/etc/cont-init.d
|
|
|
|
|
local -r custom_script_dir="/custom-cont-init.d"
|
|
|
|
|
# Tamper checking.
|
|
|
|
|
# Don't run files which are owned by anyone except root
|
|
|
|
|
# Don't run files which are writeable by others
|
|
|
|
|
if [ -d "${custom_script_dir}" ]; then
|
|
|
|
|
if [ -n "$(/usr/bin/find "${custom_script_dir}" -maxdepth 1 ! -user root)" ]; then
|
|
|
|
|
echo "**** Potential tampering with custom scripts detected ****"
|
|
|
|
|
echo "**** The folder '${custom_script_dir}' must be owned by root ****"
|
|
|
|
|
return 0
|
|
|
|
|
fi
|
|
|
|
|
if [ -n "$(/usr/bin/find "${custom_script_dir}" -maxdepth 1 -perm -o+w)" ]; then
|
|
|
|
|
echo "**** The folder '${custom_script_dir}' or some of contents have write permissions for others, which is a security risk. ****"
|
|
|
|
|
echo "**** Please review the permissions and their contents to make sure they are owned by root, and can only be modified by root. ****"
|
|
|
|
|
return 0
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Make sure custom init directory has files in it
|
|
|
|
|
if [ -n "$(/bin/ls -A "${custom_script_dir}" 2>/dev/null)" ]; then
|
|
|
|
|
echo "[custom-init] files found in ${custom_script_dir} executing"
|
|
|
|
|
# Loop over files in the directory
|
|
|
|
|
for SCRIPT in "${custom_script_dir}"/*; do
|
|
|
|
|
NAME="$(basename "${SCRIPT}")"
|
|
|
|
|
if [ -f "${SCRIPT}" ]; then
|
|
|
|
|
echo "[custom-init] ${NAME}: executing..."
|
|
|
|
|
/bin/bash "${SCRIPT}"
|
|
|
|
|
echo "[custom-init] ${NAME}: exited $?"
|
|
|
|
|
elif [ ! -f "${SCRIPT}" ]; then
|
|
|
|
|
echo "[custom-init] ${NAME}: is not a file"
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
else
|
|
|
|
|
echo "[custom-init] no custom files found exiting..."
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
Add Dockerfile for application and documentation
This commit adds a `Dockerfile` to the root of the project, accompanied
by a `docker-compose.yml.example` for simplified deployment. The
`Dockerfile` is agnostic to whether it will be the webserver, the
consumer, or if it is run for a one-off command (i.e. creation of a
superuser, migration of the database, document export, ...).
The containers entrypoint is the `scripts/docker-entrypoint.sh` script.
This script verifies that the required permissions are set, remaps the
default users and/or groups id if required and installs additional
languages if the user wishes to.
After initialization, it analyzes the command the user supplied:
- If the command starts with a slash, it is expected that the user
wants to execute a binary file and the command will be executed
without further intervention. (Using `exec` to effectively replace
the started shell-script and not have any reaping-issues.)
- If the command does not start with a slash, the command will be
passed directly to the `manage.py` script without further
modification. (Again using `exec`.)
The default command is set to `--help`.
If the user wants to execute a command that is not meant for `manage.py`
but doesn't start with a slash, the Docker `--entrypoint` parameter can
be used to circumvent the mechanics of `docker-entrypoint.sh`.
Further information can be found in `docs/setup.rst` and in
`docs/migrating.rst`.
For additional convenience, a `Dockerfile` has been added to the `docs/`
directory which allows for easy building and serving of the
documentation. This is documented in `docs/requirements.rst`.
2016-02-17 18:45:04 +01:00
|
|
|
initialize() {
|
2022-05-24 13:15:01 -07:00
|
|
|
|
|
|
|
|
# Setup environment from secrets before anything else
|
2022-12-25 15:25:27 -08:00
|
|
|
# Check for a version of this var with _FILE appended
|
|
|
|
|
# and convert the contents to the env var value
|
|
|
|
|
# Source it so export is persistent
|
|
|
|
|
# shellcheck disable=SC1091
|
|
|
|
|
source /sbin/env-from-file.sh
|
2022-05-24 13:15:01 -07:00
|
|
|
|
2022-06-03 09:18:48 -07:00
|
|
|
# Change the user and group IDs if needed
|
2020-10-29 00:46:57 +01:00
|
|
|
map_uidgid
|
Add Dockerfile for application and documentation
This commit adds a `Dockerfile` to the root of the project, accompanied
by a `docker-compose.yml.example` for simplified deployment. The
`Dockerfile` is agnostic to whether it will be the webserver, the
consumer, or if it is run for a one-off command (i.e. creation of a
superuser, migration of the database, document export, ...).
The containers entrypoint is the `scripts/docker-entrypoint.sh` script.
This script verifies that the required permissions are set, remaps the
default users and/or groups id if required and installs additional
languages if the user wishes to.
After initialization, it analyzes the command the user supplied:
- If the command starts with a slash, it is expected that the user
wants to execute a binary file and the command will be executed
without further intervention. (Using `exec` to effectively replace
the started shell-script and not have any reaping-issues.)
- If the command does not start with a slash, the command will be
passed directly to the `manage.py` script without further
modification. (Again using `exec`.)
The default command is set to `--help`.
If the user wants to execute a command that is not meant for `manage.py`
but doesn't start with a slash, the Docker `--entrypoint` parameter can
be used to circumvent the mechanics of `docker-entrypoint.sh`.
Further information can be found in `docs/setup.rst` and in
`docs/migrating.rst`.
For additional convenience, a `Dockerfile` has been added to the `docs/`
directory which allows for easy building and serving of the
documentation. This is documented in `docs/requirements.rst`.
2016-02-17 18:45:04 +01:00
|
|
|
|
2022-06-03 09:18:48 -07:00
|
|
|
# Check for overrides of certain folders
|
|
|
|
|
map_folders
|
|
|
|
|
|
2022-10-25 09:19:07 -07:00
|
|
|
local -r export_dir="/usr/src/paperless/export"
|
2022-06-03 14:02:58 -07:00
|
|
|
|
2022-09-16 07:52:33 -07:00
|
|
|
for dir in \
|
|
|
|
|
"${export_dir}" \
|
|
|
|
|
"${DATA_DIR}" "${DATA_DIR}/index" \
|
|
|
|
|
"${MEDIA_ROOT_DIR}" "${MEDIA_ROOT_DIR}/documents" "${MEDIA_ROOT_DIR}/documents/originals" "${MEDIA_ROOT_DIR}/documents/thumbnails" \
|
|
|
|
|
"${CONSUME_DIR}"; do
|
2022-06-03 09:18:48 -07:00
|
|
|
if [[ ! -d "${dir}" ]]; then
|
|
|
|
|
echo "Creating directory ${dir}"
|
2023-12-30 20:25:34 +01:00
|
|
|
mkdir --parents "${dir}"
|
2020-10-29 00:46:57 +01:00
|
|
|
fi
|
|
|
|
|
done
|
Add Dockerfile for application and documentation
This commit adds a `Dockerfile` to the root of the project, accompanied
by a `docker-compose.yml.example` for simplified deployment. The
`Dockerfile` is agnostic to whether it will be the webserver, the
consumer, or if it is run for a one-off command (i.e. creation of a
superuser, migration of the database, document export, ...).
The containers entrypoint is the `scripts/docker-entrypoint.sh` script.
This script verifies that the required permissions are set, remaps the
default users and/or groups id if required and installs additional
languages if the user wishes to.
After initialization, it analyzes the command the user supplied:
- If the command starts with a slash, it is expected that the user
wants to execute a binary file and the command will be executed
without further intervention. (Using `exec` to effectively replace
the started shell-script and not have any reaping-issues.)
- If the command does not start with a slash, the command will be
passed directly to the `manage.py` script without further
modification. (Again using `exec`.)
The default command is set to `--help`.
If the user wants to execute a command that is not meant for `manage.py`
but doesn't start with a slash, the Docker `--entrypoint` parameter can
be used to circumvent the mechanics of `docker-entrypoint.sh`.
Further information can be found in `docs/setup.rst` and in
`docs/migrating.rst`.
For additional convenience, a `Dockerfile` has been added to the `docs/`
directory which allows for easy building and serving of the
documentation. This is documented in `docs/requirements.rst`.
2016-02-17 18:45:04 +01:00
|
|
|
|
2024-02-28 14:46:24 -08:00
|
|
|
local -r tmp_dir="${PAPERLESS_SCRATCH_DIR:=/tmp/paperless}"
|
|
|
|
|
echo "Creating directory scratch directory ${tmp_dir}"
|
2023-12-30 20:25:34 +01:00
|
|
|
mkdir --parents "${tmp_dir}"
|
2021-01-21 01:02:41 +01:00
|
|
|
|
2021-05-19 22:26:51 +02:00
|
|
|
set +e
|
2021-06-13 12:54:24 +02:00
|
|
|
echo "Adjusting permissions of paperless files. This may take a while."
|
2024-02-28 14:46:24 -08:00
|
|
|
chown -R paperless:paperless "${tmp_dir}"
|
2022-09-16 07:52:33 -07:00
|
|
|
for dir in \
|
|
|
|
|
"${export_dir}" \
|
|
|
|
|
"${DATA_DIR}" \
|
|
|
|
|
"${MEDIA_ROOT_DIR}" \
|
|
|
|
|
"${CONSUME_DIR}"; do
|
2022-06-03 09:18:48 -07:00
|
|
|
find "${dir}" -not \( -user paperless -and -group paperless \) -exec chown paperless:paperless {} +
|
|
|
|
|
done
|
2021-05-19 22:26:51 +02:00
|
|
|
set -e
|
2020-10-29 00:46:57 +01:00
|
|
|
|
2022-08-03 13:26:04 -07:00
|
|
|
"${gosu_cmd[@]}" /sbin/docker-prepare.sh
|
2022-11-29 20:05:08 -08:00
|
|
|
|
|
|
|
|
# Leave this last thing
|
|
|
|
|
custom_container_init
|
|
|
|
|
|
2020-10-29 00:46:57 +01:00
|
|
|
}
|
2017-12-20 16:17:58 +02:00
|
|
|
|
2020-10-29 00:46:57 +01:00
|
|
|
install_languages() {
|
2021-01-13 19:58:09 +01:00
|
|
|
echo "Installing languages..."
|
|
|
|
|
|
2022-11-10 17:25:39 -08:00
|
|
|
read -ra langs <<<"$1"
|
2020-10-29 00:46:57 +01:00
|
|
|
|
|
|
|
|
# Check that it is not empty
|
|
|
|
|
if [ ${#langs[@]} -eq 0 ]; then
|
|
|
|
|
return
|
|
|
|
|
fi
|
|
|
|
|
apt-get update
|
|
|
|
|
|
|
|
|
|
for lang in "${langs[@]}"; do
|
2021-05-19 22:26:51 +02:00
|
|
|
pkg="tesseract-ocr-$lang"
|
|
|
|
|
|
2022-03-20 15:58:37 +01:00
|
|
|
if dpkg -s "$pkg" &>/dev/null; then
|
2021-05-19 22:26:51 +02:00
|
|
|
echo "Package $pkg already installed!"
|
|
|
|
|
continue
|
|
|
|
|
fi
|
|
|
|
|
|
2022-03-20 15:58:37 +01:00
|
|
|
if ! apt-cache show "$pkg" &>/dev/null; then
|
2021-05-19 22:26:51 +02:00
|
|
|
echo "Package $pkg not found! :("
|
|
|
|
|
continue
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
echo "Installing package $pkg..."
|
|
|
|
|
if ! apt-get -y install "$pkg" &>/dev/null; then
|
|
|
|
|
echo "Could not install $pkg"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
done
|
Add Dockerfile for application and documentation
This commit adds a `Dockerfile` to the root of the project, accompanied
by a `docker-compose.yml.example` for simplified deployment. The
`Dockerfile` is agnostic to whether it will be the webserver, the
consumer, or if it is run for a one-off command (i.e. creation of a
superuser, migration of the database, document export, ...).
The containers entrypoint is the `scripts/docker-entrypoint.sh` script.
This script verifies that the required permissions are set, remaps the
default users and/or groups id if required and installs additional
languages if the user wishes to.
After initialization, it analyzes the command the user supplied:
- If the command starts with a slash, it is expected that the user
wants to execute a binary file and the command will be executed
without further intervention. (Using `exec` to effectively replace
the started shell-script and not have any reaping-issues.)
- If the command does not start with a slash, the command will be
passed directly to the `manage.py` script without further
modification. (Again using `exec`.)
The default command is set to `--help`.
If the user wants to execute a command that is not meant for `manage.py`
but doesn't start with a slash, the Docker `--entrypoint` parameter can
be used to circumvent the mechanics of `docker-entrypoint.sh`.
Further information can be found in `docs/setup.rst` and in
`docs/migrating.rst`.
For additional convenience, a `Dockerfile` has been added to the `docs/`
directory which allows for easy building and serving of the
documentation. This is documented in `docs/requirements.rst`.
2016-02-17 18:45:04 +01:00
|
|
|
}
|
|
|
|
|
|
2022-03-01 14:09:09 -08:00
|
|
|
echo "Paperless-ngx docker container starting..."
|
2021-01-13 19:58:09 +01:00
|
|
|
|
2022-07-09 16:14:33 -04:00
|
|
|
gosu_cmd=(gosu paperless)
|
2022-08-03 13:26:04 -07:00
|
|
|
if [ "$(id -u)" == "$(id -u paperless)" ]; then
|
2022-07-09 16:14:33 -04:00
|
|
|
gosu_cmd=()
|
|
|
|
|
fi
|
|
|
|
|
|
2020-11-01 23:01:36 +01:00
|
|
|
# Install additional languages if specified
|
2022-03-20 15:58:37 +01:00
|
|
|
if [[ -n "$PAPERLESS_OCR_LANGUAGES" ]]; then
|
2021-05-19 22:26:51 +02:00
|
|
|
install_languages "$PAPERLESS_OCR_LANGUAGES"
|
Add Dockerfile for application and documentation
This commit adds a `Dockerfile` to the root of the project, accompanied
by a `docker-compose.yml.example` for simplified deployment. The
`Dockerfile` is agnostic to whether it will be the webserver, the
consumer, or if it is run for a one-off command (i.e. creation of a
superuser, migration of the database, document export, ...).
The containers entrypoint is the `scripts/docker-entrypoint.sh` script.
This script verifies that the required permissions are set, remaps the
default users and/or groups id if required and installs additional
languages if the user wishes to.
After initialization, it analyzes the command the user supplied:
- If the command starts with a slash, it is expected that the user
wants to execute a binary file and the command will be executed
without further intervention. (Using `exec` to effectively replace
the started shell-script and not have any reaping-issues.)
- If the command does not start with a slash, the command will be
passed directly to the `manage.py` script without further
modification. (Again using `exec`.)
The default command is set to `--help`.
If the user wants to execute a command that is not meant for `manage.py`
but doesn't start with a slash, the Docker `--entrypoint` parameter can
be used to circumvent the mechanics of `docker-entrypoint.sh`.
Further information can be found in `docs/setup.rst` and in
`docs/migrating.rst`.
For additional convenience, a `Dockerfile` has been added to the `docs/`
directory which allows for easy building and serving of the
documentation. This is documented in `docs/requirements.rst`.
2016-02-17 18:45:04 +01:00
|
|
|
fi
|
|
|
|
|
|
2020-12-09 23:45:53 +01:00
|
|
|
initialize
|
|
|
|
|
|
2020-11-13 18:42:32 +01:00
|
|
|
if [[ "$1" != "/"* ]]; then
|
2021-01-13 19:58:09 +01:00
|
|
|
echo Executing management command "$@"
|
2022-08-03 13:26:04 -07:00
|
|
|
exec "${gosu_cmd[@]}" python3 manage.py "$@"
|
2020-11-13 18:42:32 +01:00
|
|
|
else
|
2021-01-13 19:58:09 +01:00
|
|
|
echo Executing "$@"
|
2020-11-13 18:42:32 +01:00
|
|
|
exec "$@"
|
|
|
|
|
fi
|
